Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Primary

Context

Oracle Fusion Middleware Identity Manager REST Web Services Unauthenticated Takeover Vulnerability

Vulnerability

Exploited

An easily exploitable vulnerability has been identified in the Identity Manager component of Oracle Fusion Middleware, specifically in versions 12.2.1.4.0 and 14.1.2.1.0. This vulnerability allows an unauthenticated attacker with network access via HTTP to compromise the Identity Manager. Successful exploitation can lead to a complete takeover of the Identity Manager.

Impact

Exploitation of this vulnerability can result in unauthorized takeover of the Identity Manager, allowing an attacker to gain control over the application and its functionalities.

Added: Oct 21, 2025, 9:15 PM

Updated: Nov 21, 2025, 9:42 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

9.1

remediation

0.0

relevance

0.8

threat

9.8

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

9.1

remediation

0.0

relevance

0.8

threat

9.8

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Actively Exploited in the Wild

Oracle Fusion Middleware Identity Manager REST Web Services Unauthenticated Takeover Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating